Guidance

GOV.UK licensing privacy notice

Published 18 May 2018

GOV.UK licensing is a service that allows users to apply for, change or renew licences.

It’s provided by the Government Digital Service (GDS) which is part of the Cabinet Office.

The data controller for GDS is the Cabinet Office – a data controller determines how and why personal data is processed. Read the Cabinet Office’s entry in the Data Protection Public Register for more information.

What data we need

The personal data we collect from you will include:

  • names
  • addresses
  • dates of birth
  • contact details
  • nationality
  • phone number
  • email address
  • union or professional organisation membership - if required
  • insurance details - if required
  • alleged or actual details of a criminal offence - if required

Some of the documents we ask for, like floor plans or immigration documents, contain personal data as well.

The legal basis for processing this data is to perform a specific task in the public interest that is set out in law and is statute based.

Why we need it

Government departments, local authorities and other competent authorities need specific data to process and issue, change or renew licences. The laws controlling each licence set out these requirements.

What we do with it

Your application and the data you submit is passed on to the competent authority (for example, your local authority or the DVLA) for processing. We use your email address to give you a reference number for your records. The information you provide in application forms is in a secure file and it cannot be changed.

We will not:

  • sell or rent your data to third parties
  • share your data with third parties for marketing purposes

We will share your data if we are required to do so by law – for example, by court order, or to prevent fraud or other crime.

How long we keep your data

We will only retain your personal data for as long as:

  • it is needed for the purposes set out in this document
  • the law requires us to

We keep all the data you submit for a maximum of 93 days. When a competent authority collects your application the data is removed after 10 days.

Children’s privacy protection

Our services are not designed for, or intentionally targeted at, children 13 years of age or younger. It is not our policy to intentionally collect or maintain data about anyone under the age of 13.

Where your data is processed and stored

We transfer your data to the authority in charge of the licence so they can process your application.

We design, build and run our systems to make sure that your data is as safe as possible at any stage, both while it’s processed and when it’s stored.

Your personal data will be processed by GDS within the European Economic Area (EEA) and will not be transferred outside of its territories.

How we protect your data and keep it secure

We are committed to keeping your data secure. We set up systems and processes to prevent unauthorised access or disclosure of the data we collect about you – for example, we protect your data using varying levels of encryption. We also make sure that third parties we deal with have an obligation to keep all personal data they process on our behalf secure.

Your rights

You have the right to request:

  • information about how your personal data is processed
  • a copy of any personal data you have provided in an accessible format
  • that anything inaccurate in your personal data is corrected immediately

You can also:

  • raise an objection about how your personal data is processed
  • request that your personal data is erased if there is no longer a justification for it
  • ask that the processing of your personal data is restricted in certain circumstances

If you have any of these requests, get in contact with our Data Protection Officer. Contact details can be found below.

Changes to this notice

We may modify or amend this privacy notice at our discretion at any time. When we make changes to this notice, we will amend the last modified date at the top of this page. Any modification or amendment to this privacy notice will be applied to you and your data as of that revision date. If these changes affect how your personal data is processed, GDS will take reasonable steps to make sure you know.

How to contact us

The data controller for your personal data is the Cabinet Office.

If you have any questions about this privacy notice contact the GDS Privacy Team: gds-privacy-office@digital.cabinet-office.gov.uk.

The Data Protection Officer provides advice and monitors Cabinet Office’s use of personal information. If you have any concerns about how your personal data has been handled, please contact the DPO:

Data Protection Officer

Cabinet Office
70 Whitehall
London
SW1A 2AS

If you have a complaint, you can also contact the Information Commissioner, who is an independent regulator set up to uphold information rights.

Information Commissioner's Office

Email icocasework@ico.org.uk

Contact form https://ico.org.uk/glo...

Telephone 0303 123 1113

Textphone 01625 545 860